[ 21.110146] audit: type=1800 audit(1566158869.073:27): pid=5726 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 21.261843] sshd (5798) used greatest stack depth: 23344 bytes left [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 33.687328] IPVS: ftp: loaded support on port[0] = 21 [ 63.212727] can: request_module (can-proto-0) failed. [ 63.222686] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.0.191' (ECDSA) to the list of known hosts. 2019/08/18 20:08:40 parsed 1 programs 2019/08/18 20:08:40 executed programs: 0 [ 72.772596] IPVS: ftp: loaded support on port[0] = 21 [ 72.783257] IPVS: ftp: loaded support on port[0] = 21 [ 72.804906] IPVS: ftp: loaded support on port[0] = 21 [ 72.878817] IPVS: ftp: loaded support on port[0] = 21 [ 72.894503] IPVS: ftp: loaded support on port[0] = 21 [ 72.923105] IPVS: ftp: loaded support on port[0] = 21 [ 73.688081] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.695086] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.708540] device bridge_slave_0 entered promiscuous mode [ 73.738858] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.745234] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.765898] device bridge_slave_0 entered promiscuous mode [ 73.774761] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.781803] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.789194] device bridge_slave_0 entered promiscuous mode [ 73.814498] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.826430] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.836831] device bridge_slave_1 entered promiscuous mode [ 73.844345] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.852566] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.860062] device bridge_slave_1 entered promiscuous mode [ 73.872708] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.882697] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.889648] device bridge_slave_1 entered promiscuous mode [ 73.899218] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.905595] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.917263] device bridge_slave_0 entered promiscuous mode [ 73.928488] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.934861] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.942810] device bridge_slave_0 entered promiscuous mode [ 73.955480] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.970061] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.979602] device bridge_slave_0 entered promiscuous mode [ 74.007722] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.014105] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.022974] device bridge_slave_1 entered promiscuous mode [ 74.031100] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.039957] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.050690] device bridge_slave_1 entered promiscuous mode [ 74.078117] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.085320] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.097666] device bridge_slave_1 entered promiscuous mode [ 74.159444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.192821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.225493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.251241] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.272012] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.291378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.329594] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.347956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.393191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.417569] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.440005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.462174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.478240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.507965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 74.537965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 74.549271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.577146] team0: Port device team_slave_0 added [ 74.583775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.591990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.623426] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 74.642660] team0: Port device team_slave_0 added [ 74.656903] team0: Port device team_slave_1 added [ 74.671740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.691439] team0: Port device team_slave_0 added [ 74.705344] team0: Port device team_slave_0 added [ 74.725729] team0: Port device team_slave_1 added [ 74.737085] team0: Port device team_slave_1 added [ 74.744378] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.766210] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.793668] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.805064] team0: Port device team_slave_1 added [ 74.822450] team0: Port device team_slave_0 added [ 74.835126] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.845809] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 74.857379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 74.870902] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 74.879650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 74.890816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.901722] team0: Port device team_slave_0 added [ 74.915137] team0: Port device team_slave_1 added [ 74.924519] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.943597] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.953766] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.966668] team0: Port device team_slave_1 added [ 74.992305] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 75.003603] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.013265] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 75.025125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.033717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 75.054860] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 75.074211] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 75.083574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.091773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 75.110421] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.126709] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 75.145435] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 75.153177] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.161389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 75.169173] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.177381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 75.191443] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.200754] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 75.209075] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.216971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 75.240520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.256728] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 75.275621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.301062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 75.641288] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.647814] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.654861] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.661350] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.680922] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.687346] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.694128] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.700523] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.744190] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.750644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.757296] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.763681] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.782336] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.788801] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.795637] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.802065] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.831089] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.837519] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.844154] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.850584] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.903193] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.909636] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.916324] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.922772] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.492613] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.511384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.519075] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.526331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.533816] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.541999] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 77.645029] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.747938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.810279] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.838088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.862802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.922832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.999785] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.009767] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.132109] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.140507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.175191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.186673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.228626] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.276822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.283810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.308609] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.317138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.337191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.376897] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.383184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.394182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.494860] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.506974] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.516793] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.265166] Started in network mode [ 79.270451] Own node identity ac14142, cluster identity 4711 [ 79.278098] New replicast peer: 0.0.0.0 [ 79.282435] check_preemption_disabled: 3 callbacks suppressed [ 79.282442] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor0/7448 [ 79.298108] caller is dst_cache_get+0x33/0xa0 [ 79.302591] CPU: 1 PID: 7448 Comm: syz-executor0 Not tainted 5.3.0-rc4+ #1 [ 79.309611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.318949] Call Trace: [ 79.321625] dump_stack+0x113/0x167 [ 79.325239] debug_smp_processor_id.cold.2+0x84/0x97 [ 79.330320] dst_cache_get+0x33/0xa0 [ 79.334131] tipc_udp_xmit.isra.15+0xb9/0xc60 [ 79.338616] ? tipc_udp_addr2str+0x150/0x150 [ 79.343000] ? __copy_skb_header+0x293/0x4b0 [ 79.347393] ? __skb_checksum_complete+0x380/0x380 [ 79.352488] ? netdev_alloc_frag+0x160/0x160 [ 79.356899] ? match_held_lock+0x500/0x5b0 [ 79.361226] ? skb_copy_header+0x16/0x2a0 [ 79.365362] ? __pskb_copy_fclone+0x4a9/0xc70 [ 79.369841] tipc_udp_send_msg+0x229/0x3d0 [ 79.374229] tipc_bearer_xmit_skb+0x12c/0x290 [ 79.378709] tipc_enable_bearer+0x7a6/0xab0 [ 79.383421] ? tipc_bearer_xmit_skb+0x290/0x290 [ 79.388072] ? __nla_validate_parse+0xa1/0x1d90 [ 79.392723] ? nla_memcpy+0xa0/0xa0 [ 79.396347] __tipc_nl_bearer_enable+0x265/0x390 [ 79.401089] ? __tipc_nl_bearer_enable+0x265/0x390 [ 79.406011] ? tipc_nl_bearer_disable+0x30/0x30 [ 79.410773] ? __nla_validate_parse+0xa1/0x1d90 [ 79.415436] tipc_nl_bearer_enable+0x1d/0x30 [ 79.419829] genl_family_rcv_msg+0x5d5/0x1160 [ 79.424304] ? genl_unregister_family+0x6d0/0x6d0 [ 79.429125] ? __kasan_check_read+0x11/0x20 [ 79.433431] ? __lock_acquire+0x96a/0x4b70 [ 79.437654] genl_rcv_msg+0xa7/0x140 [ 79.441349] netlink_rcv_skb+0x13f/0x380 [ 79.445391] ? genl_family_rcv_msg+0x1160/0x1160 [ 79.450125] ? netlink_ack+0x990/0x990 [ 79.453991] ? netlink_deliver_tap+0x182/0xad0 [ 79.458560] ? __kasan_check_read+0x11/0x20 [ 79.462874] genl_rcv+0x23/0x40 [ 79.466133] netlink_unicast+0x444/0x640 [ 79.470173] ? netlink_attachskb+0x6f0/0x6f0 [ 79.474576] ? _copy_from_iter_full+0x19e/0x7e0 [ 79.479226] ? __kasan_check_read+0x11/0x20 [ 79.483533] ? __check_object_size+0x203/0x2ea [ 79.488097] netlink_sendmsg+0x75d/0xc40 [ 79.492563] ? netlink_unicast+0x640/0x640 [ 79.496788] ? move_addr_to_kernel.part.20+0xd0/0xd0 [ 79.501876] ? netlink_unicast+0x640/0x640 [ 79.506194] sock_sendmsg+0xe6/0x110 [ 79.509971] ___sys_sendmsg+0x658/0x980 [ 79.513927] ? copy_msghdr_from_user+0x420/0x420 [ 79.518796] ? lock_downgrade+0x900/0x900 [ 79.522923] ? __kasan_check_read+0x11/0x20 [ 79.527314] ? __fget+0x2b1/0x420 [ 79.530747] ? ksys_dup3+0x2e0/0x2e0 [ 79.534444] ? __might_fault+0xf1/0x1b0 [ 79.538407] ? __fget_light+0x179/0x1f0 [ 79.542376] ? lock_acquire+0x194/0x410 [ 79.546330] ? __fdget+0xe/0x10 [ 79.549586] __sys_sendmsg+0xd9/0x180 [ 79.553360] ? __sys_sendmsg_sock+0xb0/0xb0 [ 79.557662] ? __kasan_check_read+0x11/0x20 [ 79.561969] ? _copy_to_user+0xcb/0xf0 [ 79.565837] ? put_timespec64+0xa9/0x100 [ 79.569894] ? nsecs_to_jiffies+0x20/0x20 [ 79.574035] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 79.579378] __x64_sys_sendmsg+0x73/0xb0 [ 79.583416] do_syscall_64+0xd6/0x550 [ 79.587210] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 79.592381] RIP: 0033:0x4577c9 [ 79.595553] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 79.614854] RSP: 002b:00007ff25da48c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 79.622544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004577c9 [ 79.629792] RDX: 0000000000000080 RSI: 0000000020001e40 RDI: 0000000000000003 [ 79.637654] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 79.644909] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff25da496d4 [ 79.652252] R13: 00000000004c42db R14: 00000000004d7220 R15: 00000000ffffffff [ 79.661517] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor0/7448 [ 79.671241] caller is dst_cache_set_ip4+0x97/0x2dc [ 79.676248] CPU: 0 PID: 7448 Comm: syz-executor0 Not tainted 5.3.0-rc4+ #1 [ 79.683244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.692646] Call Trace: [ 79.695228] dump_stack+0x113/0x167 [ 79.698837] debug_smp_processor_id.cold.2+0x84/0x97 [ 79.703920] dst_cache_set_ip4+0x97/0x2dc [ 79.708056] ? dst_cache_get_ip6+0x1b0/0x1b0 [ 79.712458] ? xfrm_lookup_route+0x1f/0x170 [ 79.716771] tipc_udp_xmit.isra.15+0x7c2/0xc60 [ 79.721330] ? tipc_udp_addr2str+0x150/0x150 [ 79.726029] ? __copy_skb_header+0x293/0x4b0 [ 79.730543] ? __skb_checksum_complete+0x380/0x380 [ 79.735456] ? skb_copy_header+0x16/0x2a0 [ 79.739677] ? __pskb_copy_fclone+0x4a9/0xc70 [ 79.744156] tipc_udp_send_msg+0x229/0x3d0 [ 79.748373] tipc_bearer_xmit_skb+0x12c/0x290 [ 79.752861] tipc_enable_bearer+0x7a6/0xab0 [ 79.757173] ? tipc_bearer_xmit_skb+0x290/0x290 [ 79.761821] ? __nla_validate_parse+0xa1/0x1d90 [ 79.766486] ? nla_memcpy+0xa0/0xa0 [ 79.770119] __tipc_nl_bearer_enable+0x265/0x390 [ 79.774855] ? __tipc_nl_bearer_enable+0x265/0x390 [ 79.779860] ? tipc_nl_bearer_disable+0x30/0x30 [ 79.784516] ? __nla_validate_parse+0xa1/0x1d90 [ 79.789172] tipc_nl_bearer_enable+0x1d/0x30 [ 79.793561] genl_family_rcv_msg+0x5d5/0x1160 [ 79.798286] ? genl_unregister_family+0x6d0/0x6d0 [ 79.803195] ? __kasan_check_read+0x11/0x20 [ 79.807493] ? __lock_acquire+0x96a/0x4b70 [ 79.811736] genl_rcv_msg+0xa7/0x140 [ 79.815445] netlink_rcv_skb+0x13f/0x380 [ 79.819607] ? genl_family_rcv_msg+0x1160/0x1160 [ 79.824722] ? netlink_ack+0x990/0x990 [ 79.828629] ? netlink_deliver_tap+0x182/0xad0 [ 79.833198] ? __kasan_check_read+0x11/0x20 [ 79.837500] genl_rcv+0x23/0x40 [ 79.840954] netlink_unicast+0x444/0x640 [ 79.845315] ? netlink_attachskb+0x6f0/0x6f0 [ 79.849729] ? _copy_from_iter_full+0x19e/0x7e0 [ 79.854478] ? __kasan_check_read+0x11/0x20 [ 79.858784] ? __check_object_size+0x203/0x2ea [ 79.863366] netlink_sendmsg+0x75d/0xc40 [ 79.867412] ? netlink_unicast+0x640/0x640 [ 79.871629] ? move_addr_to_kernel.part.20+0xd0/0xd0 [ 79.876716] ? netlink_unicast+0x640/0x640 [ 79.880929] sock_sendmsg+0xe6/0x110 [ 79.884706] ___sys_sendmsg+0x658/0x980 [ 79.888663] ? copy_msghdr_from_user+0x420/0x420 [ 79.893537] ? lock_downgrade+0x900/0x900 [ 79.897670] ? __kasan_check_read+0x11/0x20 [ 79.901984] ? __fget+0x2b1/0x420 [ 79.905420] ? ksys_dup3+0x2e0/0x2e0 [ 79.909223] ? __might_fault+0xf1/0x1b0 [ 79.913206] ? __fget_light+0x179/0x1f0 [ 79.917169] ? lock_acquire+0x194/0x410 [ 79.921131] ? __fdget+0xe/0x10 [ 79.924390] __sys_sendmsg+0xd9/0x180 [ 79.928191] ? __sys_sendmsg_sock+0xb0/0xb0 [ 79.932808] ? __kasan_check_read+0x11/0x20 [ 79.937122] ? _copy_to_user+0xcb/0xf0 [ 79.941007] ? put_timespec64+0xa9/0x100 [ 79.945076] ? nsecs_to_jiffies+0x20/0x20 [ 79.958116] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 79.971246] __x64_sys_sendmsg+0x73/0xb0 [ 79.977622] do_syscall_64+0xd6/0x550 [ 79.981410] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 79.986636] RIP: 0033:0x4577c9 [ 79.989811] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 80.008692] RSP: 002b:00007ff25da48c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.016377] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004577c9 [ 80.023634] RDX: 0000000000000080 RSI: 0000000020001e40 RDI: 0000000000000003 [ 80.030882] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 80.038335] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff25da496d4 [ 80.045637] R13: 00000000004c42db R14: 00000000004d7220 R15: 00000000ffffffff [ 80.054905] Enabled bearer , priority 10 2019/08/18 20:08:48 executed programs: 6 [ 80.084341] Enabling of bearer rejected, already enabled [ 80.122731] Enabling of bearer rejected, already enabled [ 80.130249] Enabling of bearer rejected, already enabled [ 80.154018] Enabling of bearer rejected, already enabled [ 80.168769] Enabling of bearer rejected, already enabled [ 80.207614] Enabling of bearer rejected, already enabled [ 80.231551] Enabling of bearer rejected, already enabled [ 80.287582] Enabling of bearer rejected, already enabled [ 80.302469] Enabling of bearer rejected, already enabled [ 80.320667] Started in network mode [ 80.333565] Own node identity ac14142, cluster identity 4711 [ 80.340105] New replicast peer: 0.0.0.0 [ 80.344482] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor5/7502 [ 80.353270] caller is dst_cache_get+0x33/0xa0 [ 80.356713] 32-bit node address hash set to 201414ac [ 80.357799] CPU: 0 PID: 7502 Comm: syz-executor5 Not tainted 5.3.0-rc4+ #1 [ 80.369883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.379233] Call Trace: [ 80.381856] dump_stack+0x113/0x167 [ 80.385467] debug_smp_processor_id.cold.2+0x84/0x97 [ 80.390562] dst_cache_get+0x33/0xa0 [ 80.394275] tipc_udp_xmit.isra.15+0xb9/0xc60 [ 80.398766] ? tipc_udp_addr2str+0x150/0x150 [ 80.403153] ? __copy_skb_header+0x293/0x4b0 [ 80.407550] ? __skb_checksum_complete+0x380/0x380 [ 80.412477] ? netdev_alloc_frag+0x160/0x160 [ 80.416874] ? match_held_lock+0x500/0x5b0 [ 80.421093] ? skb_copy_header+0x16/0x2a0 [ 80.425220] ? __pskb_copy_fclone+0x4a9/0xc70 [ 80.429701] tipc_udp_send_msg+0x229/0x3d0 [ 80.433935] tipc_bearer_xmit_skb+0x12c/0x290 [ 80.438600] tipc_enable_bearer+0x7a6/0xab0 [ 80.442915] ? tipc_bearer_xmit_skb+0x290/0x290 [ 80.447568] ? __nla_validate_parse+0xa1/0x1d90 [ 80.452214] ? rtnl_lock+0x12/0x20 [ 80.455744] ? nla_memcpy+0xa0/0xa0 [ 80.459739] __tipc_nl_bearer_enable+0x265/0x390 [ 80.464581] ? __tipc_nl_bearer_enable+0x265/0x390 [ 80.469494] ? tipc_nl_bearer_disable+0x30/0x30 [ 80.474147] ? __nla_validate_parse+0xa1/0x1d90 [ 80.478830] tipc_nl_bearer_enable+0x1d/0x30 [ 80.483220] genl_family_rcv_msg+0x5d5/0x1160 [ 80.487712] ? genl_unregister_family+0x6d0/0x6d0 [ 80.492623] ? __kasan_check_read+0x11/0x20 [ 80.496924] ? __lock_acquire+0x96a/0x4b70 [ 80.501149] genl_rcv_msg+0xa7/0x140 [ 80.504838] netlink_rcv_skb+0x13f/0x380 [ 80.508876] ? genl_family_rcv_msg+0x1160/0x1160 [ 80.513607] ? netlink_ack+0x990/0x990 [ 80.517474] ? netlink_deliver_tap+0x182/0xad0 [ 80.522033] ? __kasan_check_read+0x11/0x20 [ 80.526335] genl_rcv+0x23/0x40 [ 80.529589] netlink_unicast+0x444/0x640 [ 80.533626] ? netlink_attachskb+0x6f0/0x6f0 [ 80.538011] ? _copy_from_iter_full+0x19e/0x7e0 [ 80.542660] ? __kasan_check_read+0x11/0x20 [ 80.546966] ? __check_object_size+0x203/0x2ea [ 80.551635] netlink_sendmsg+0x75d/0xc40 [ 80.555693] ? netlink_unicast+0x640/0x640 [ 80.560164] ? move_addr_to_kernel.part.20+0xd0/0xd0 [ 80.565279] ? netlink_unicast+0x640/0x640 [ 80.569502] sock_sendmsg+0xe6/0x110 [ 80.573199] ___sys_sendmsg+0x658/0x980 [ 80.577155] ? copy_msghdr_from_user+0x420/0x420 [ 80.581895] ? lock_downgrade+0x900/0x900 [ 80.586046] ? __kasan_check_read+0x11/0x20 [ 80.590351] ? __fget+0x2b1/0x420 [ 80.593784] ? ksys_dup3+0x2e0/0x2e0 [ 80.597484] ? __might_fault+0xf1/0x1b0 [ 80.601471] ? __fget_light+0x179/0x1f0 [ 80.605435] ? lock_acquire+0x194/0x410 [ 80.609426] ? __fdget+0xe/0x10 [ 80.612693] __sys_sendmsg+0xd9/0x180 [ 80.616484] ? __sys_sendmsg_sock+0xb0/0xb0 [ 80.620815] ? __kasan_check_read+0x11/0x20 [ 80.625123] ? _copy_to_user+0xcb/0xf0 [ 80.629008] ? put_timespec64+0xa9/0x100 [ 80.633056] ? nsecs_to_jiffies+0x20/0x20 [ 80.637190] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 80.642645] __x64_sys_sendmsg+0x73/0xb0 [ 80.646707] do_syscall_64+0xd6/0x550 [ 80.650502] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 80.655676] RIP: 0033:0x4577c9 [ 80.659122] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 80.678009] RSP: 002b:00007fe637b3ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.685717] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004577c9 [ 80.692973] RDX: 0000000000000080 RSI: 0000000020001e40 RDI: 0000000000000003 [ 80.700232] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 80.707491] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe637b3f6d4 [ 80.714761] R13: 00000000004c42db R14: 00000000004d7220 R15: 00000000ffffffff [ 80.723357] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor5/7502 [ 80.732209] caller is dst_cache_set_ip4+0x97/0x2dc [ 80.737586] CPU: 1 PID: 7502 Comm: syz-executor5 Not tainted 5.3.0-rc4+ #1 [ 80.744582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.753916] Call Trace: [ 80.756501] dump_stack+0x113/0x167 [ 80.760271] debug_smp_processor_id.cold.2+0x84/0x97 [ 80.765364] dst_cache_set_ip4+0x97/0x2dc [ 80.769666] ? dst_cache_get_ip6+0x1b0/0x1b0 [ 80.774064] ? xfrm_lookup_route+0x1f/0x170 [ 80.778367] tipc_udp_xmit.isra.15+0x7c2/0xc60 [ 80.782931] ? tipc_udp_addr2str+0x150/0x150 [ 80.787355] ? __copy_skb_header+0x293/0x4b0 [ 80.791762] ? __skb_checksum_complete+0x380/0x380 [ 80.796689] ? skb_copy_header+0x16/0x2a0 [ 80.800818] ? __pskb_copy_fclone+0x4a9/0xc70 [ 80.805294] tipc_udp_send_msg+0x229/0x3d0 [ 80.809516] tipc_bearer_xmit_skb+0x12c/0x290 [ 80.813996] tipc_enable_bearer+0x7a6/0xab0 [ 80.818303] ? tipc_bearer_xmit_skb+0x290/0x290 [ 80.823088] ? __nla_validate_parse+0xa1/0x1d90 [ 80.827741] ? rtnl_lock+0x12/0x20 [ 80.831284] ? nla_memcpy+0xa0/0xa0 [ 80.835117] __tipc_nl_bearer_enable+0x265/0x390 [ 80.839864] ? __tipc_nl_bearer_enable+0x265/0x390 [ 80.844777] ? tipc_nl_bearer_disable+0x30/0x30 [ 80.849433] ? __nla_validate_parse+0xa1/0x1d90 [ 80.854091] tipc_nl_bearer_enable+0x1d/0x30 [ 80.858476] genl_family_rcv_msg+0x5d5/0x1160 [ 80.862951] ? genl_unregister_family+0x6d0/0x6d0 [ 80.867861] ? __kasan_check_read+0x11/0x20 [ 80.872161] ? __lock_acquire+0x96a/0x4b70 [ 80.876388] genl_rcv_msg+0xa7/0x140 [ 80.880168] netlink_rcv_skb+0x13f/0x380 [ 80.884208] ? genl_family_rcv_msg+0x1160/0x1160 [ 80.888944] ? netlink_ack+0x990/0x990 [ 80.892902] ? netlink_deliver_tap+0x182/0xad0 [ 80.897469] ? __kasan_check_read+0x11/0x20 [ 80.901798] genl_rcv+0x23/0x40 [ 80.905064] netlink_unicast+0x444/0x640 [ 80.909108] ? netlink_attachskb+0x6f0/0x6f0 [ 80.913502] ? _copy_from_iter_full+0x19e/0x7e0 [ 80.918183] ? __kasan_check_read+0x11/0x20 [ 80.922585] ? __check_object_size+0x203/0x2ea [ 80.927182] netlink_sendmsg+0x75d/0xc40 [ 80.931235] ? netlink_unicast+0x640/0x640 [ 80.935478] ? move_addr_to_kernel.part.20+0xd0/0xd0 [ 80.940568] ? netlink_unicast+0x640/0x640 [ 80.945134] sock_sendmsg+0xe6/0x110 [ 80.948829] ___sys_sendmsg+0x658/0x980 [ 80.952873] ? copy_msghdr_from_user+0x420/0x420 [ 80.957605] ? lock_downgrade+0x900/0x900 [ 80.961737] ? __kasan_check_read+0x11/0x20 [ 80.966058] ? __fget+0x2b1/0x420 [ 80.969499] ? ksys_dup3+0x2e0/0x2e0 [ 80.973281] ? __might_fault+0xf1/0x1b0 [ 80.977391] ? __fget_light+0x179/0x1f0 [ 80.981358] ? lock_acquire+0x194/0x410 [ 80.985323] ? __fdget+0xe/0x10 [ 80.988595] __sys_sendmsg+0xd9/0x180 [ 80.992386] ? __sys_sendmsg_sock+0xb0/0xb0 [ 80.996690] ? __kasan_check_read+0x11/0x20 [ 81.000989] ? _copy_to_user+0xcb/0xf0 [ 81.004887] ? put_timespec64+0xa9/0x100 [ 81.008930] ? nsecs_to_jiffies+0x20/0x20 [ 81.013059] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.021215] __x64_sys_sendmsg+0x73/0xb0 [ 81.025264] do_syscall_64+0xd6/0x550 [ 81.029054] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.034251] RIP: 0033:0x4577c9 [ 81.037435] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.056863] RSP: 002b:00007fe637b3ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.064561] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004577c9 [ 81.071835] RDX: 0000000000000080 RSI: 0000000020001e40 RDI: 0000000000000003 [ 81.079336] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 81.086585] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe637b3f6d4 [ 81.093837] R13: 00000000004c42db R14: 00000000004d7220 R15: 00000000ffffffff [ 81.103793] Enabled bearer , priority 10 [ 81.116495] Started in network mode [ 81.121285] Own node identity ac14142, cluster identity 4711 [ 81.139712] New replicast peer: 0.0.0.0 [ 81.152011] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor1/7506 [ 81.160907] caller is dst_cache_get+0x33/0xa0 [ 81.165390] CPU: 0 PID: 7506 Comm: syz-executor1 Not tainted 5.3.0-rc4+ #1 [ 81.172381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.181747] Call Trace: [ 81.186987] dump_stack+0x113/0x167 [ 81.190601] debug_smp_processor_id.cold.2+0x84/0x97 [ 81.195681] dst_cache_get+0x33/0xa0 [ 81.199373] tipc_udp_xmit.isra.15+0xb9/0xc60 [ 81.203878] ? tipc_udp_addr2str+0x150/0x150 [ 81.208271] ? __copy_skb_header+0x293/0x4b0 [ 81.212657] ? __skb_checksum_complete+0x380/0x380 [ 81.217565] ? netdev_alloc_frag+0x160/0x160 [ 81.222035] ? match_held_lock+0x500/0x5b0 [ 81.226349] ? skb_copy_header+0x16/0x2a0 [ 81.230479] ? __pskb_copy_fclone+0x4a9/0xc70 [ 81.234956] tipc_udp_send_msg+0x229/0x3d0 [ 81.239178] tipc_bearer_xmit_skb+0x12c/0x290 [ 81.243652] tipc_enable_bearer+0x7a6/0xab0 [ 81.247953] ? tipc_bearer_xmit_skb+0x290/0x290 [ 81.252599] ? __nla_validate_parse+0xa1/0x1d90 [ 81.257597] ? rtnl_lock+0x12/0x20 [ 81.261124] ? nla_memcpy+0xa0/0xa0 [ 81.264735] __tipc_nl_bearer_enable+0x265/0x390 [ 81.269488] ? __tipc_nl_bearer_enable+0x265/0x390 [ 81.274398] ? tipc_nl_bearer_disable+0x30/0x30 [ 81.279052] ? __nla_validate_parse+0xa1/0x1d90 [ 81.283704] tipc_nl_bearer_enable+0x1d/0x30 [ 81.288089] genl_family_rcv_msg+0x5d5/0x1160 [ 81.292568] ? genl_unregister_family+0x6d0/0x6d0 [ 81.297391] ? __kasan_check_read+0x11/0x20 [ 81.301691] ? __lock_acquire+0x96a/0x4b70 [ 81.305912] genl_rcv_msg+0xa7/0x140 [ 81.309608] netlink_rcv_skb+0x13f/0x380 [ 81.313658] ? genl_family_rcv_msg+0x1160/0x1160 [ 81.318390] ? netlink_ack+0x990/0x990 [ 81.322255] ? netlink_deliver_tap+0x182/0xad0 [ 81.326811] ? __kasan_check_read+0x11/0x20 [ 81.331113] genl_rcv+0x23/0x40 [ 81.334367] netlink_unicast+0x444/0x640 [ 81.338407] ? netlink_attachskb+0x6f0/0x6f0 [ 81.342790] ? _copy_from_iter_full+0x19e/0x7e0 [ 81.347443] ? __kasan_check_read+0x11/0x20 [ 81.351748] ? __check_object_size+0x203/0x2ea [ 81.356312] netlink_sendmsg+0x75d/0xc40 [ 81.360358] ? netlink_unicast+0x640/0x640 [ 81.364583] ? move_addr_to_kernel.part.20+0xd0/0xd0 [ 81.369669] ? netlink_unicast+0x640/0x640 [ 81.373911] sock_sendmsg+0xe6/0x110 [ 81.377615] ___sys_sendmsg+0x658/0x980 [ 81.381573] ? copy_msghdr_from_user+0x420/0x420 [ 81.386305] ? lock_downgrade+0x900/0x900 [ 81.390433] ? __kasan_check_read+0x11/0x20 [ 81.395034] ? __fget+0x2b1/0x420 [ 81.398466] ? ksys_dup3+0x2e0/0x2e0 [ 81.402159] ? __might_fault+0xf1/0x1b0 [ 81.406110] ? __fget_light+0x179/0x1f0 [ 81.410073] ? lock_acquire+0x194/0x410 [ 81.414037] ? __fdget+0xe/0x10 [ 81.417311] __sys_sendmsg+0xd9/0x180 [ 81.421092] ? __sys_sendmsg_sock+0xb0/0xb0 [ 81.425391] ? __kasan_check_read+0x11/0x20 [ 81.429692] ? _copy_to_user+0xcb/0xf0 [ 81.433572] ? put_timespec64+0xa9/0x100 [ 81.437621] ? nsecs_to_jiffies+0x20/0x20 [ 81.441754] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.447134] __x64_sys_sendmsg+0x73/0xb0 [ 81.451191] do_syscall_64+0xd6/0x550 [ 81.455004] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.460182] RIP: 0033:0x4577c9 [ 81.463359] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.482250] RSP: 002b:00007ff85061fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.489951] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004577c9 [ 81.497441] RDX: 0000000000000080 RSI: 0000000020001e40 RDI: 0000000000000004 [ 81.504704] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 81.512089] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff8506206d4 [ 81.520143] R13: 00000000004c42db R14: 00000000004d7220 R15: 00000000ffffffff [ 81.528220] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor1/7506 [ 81.529219] 32-bit node address hash set to 201414ac [ 81.536886] caller is dst_cache_set_ip4+0x97/0x2dc [ 81.546920] CPU: 1 PID: 7506 Comm: syz-executor1 Not tainted 5.3.0-rc4+ #1 [ 81.554066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.563487] Call Trace: [ 81.566079] dump_stack+0x113/0x167 [ 81.569786] debug_smp_processor_id.cold.2+0x84/0x97 [ 81.574873] dst_cache_set_ip4+0x97/0x2dc [ 81.579010] ? dst_cache_get_ip6+0x1b0/0x1b0 [ 81.583412] ? xfrm_lookup_route+0x1f/0x170 [ 81.587744] tipc_udp_xmit.isra.15+0x7c2/0xc60 [ 81.592415] ? tipc_udp_addr2str+0x150/0x150 [ 81.596899] ? __copy_skb_header+0x293/0x4b0 [ 81.602434] ? __skb_checksum_complete+0x380/0x380 [ 81.607380] ? skb_copy_header+0x16/0x2a0 [ 81.611624] ? __pskb_copy_fclone+0x4a9/0xc70 [ 81.616197] tipc_udp_send_msg+0x229/0x3d0 [ 81.620421] tipc_bearer_xmit_skb+0x12c/0x290 [ 81.624901] tipc_enable_bearer+0x7a6/0xab0 [ 81.629205] ? tipc_bearer_xmit_skb+0x290/0x290 [ 81.633878] ? __nla_validate_parse+0xa1/0x1d90 [ 81.638549] ? rtnl_lock+0x12/0x20 [ 81.642102] ? nla_memcpy+0xa0/0xa0 [ 81.645723] __tipc_nl_bearer_enable+0x265/0x390 [ 81.650465] ? __tipc_nl_bearer_enable+0x265/0x390 [ 81.655899] ? tipc_nl_bearer_disable+0x30/0x30 [ 81.660551] ? __nla_validate_parse+0xa1/0x1d90 [ 81.665475] tipc_nl_bearer_enable+0x1d/0x30 [ 81.669900] genl_family_rcv_msg+0x5d5/0x1160 [ 81.674384] ? genl_unregister_family+0x6d0/0x6d0 [ 81.679289] ? __kasan_check_read+0x11/0x20 [ 81.683608] ? __lock_acquire+0x96a/0x4b70 [ 81.687833] genl_rcv_msg+0xa7/0x140 [ 81.691644] netlink_rcv_skb+0x13f/0x380 [ 81.695711] ? genl_family_rcv_msg+0x1160/0x1160 [ 81.700459] ? netlink_ack+0x990/0x990 [ 81.704460] ? netlink_deliver_tap+0x182/0xad0 [ 81.709022] ? __kasan_check_read+0x11/0x20 [ 81.713860] genl_rcv+0x23/0x40 [ 81.717122] netlink_unicast+0x444/0x640 [ 81.721164] ? netlink_attachskb+0x6f0/0x6f0 [ 81.725554] ? _copy_from_iter_full+0x19e/0x7e0 [ 81.730202] ? __kasan_check_read+0x11/0x20 [ 81.734969] ? __check_object_size+0x203/0x2ea [ 81.739624] netlink_sendmsg+0x75d/0xc40 [ 81.743695] ? netlink_unicast+0x640/0x640 [ 81.747942] ? move_addr_to_kernel.part.20+0xd0/0xd0 [ 81.753036] ? netlink_unicast+0x640/0x640 [ 81.757262] sock_sendmsg+0xe6/0x110 [ 81.761047] ___sys_sendmsg+0x658/0x980 [ 81.765030] ? copy_msghdr_from_user+0x420/0x420 [ 81.769934] ? lock_downgrade+0x900/0x900 [ 81.774091] ? __kasan_check_read+0x11/0x20 [ 81.779274] ? __fget+0x2b1/0x420 [ 81.782979] ? ksys_dup3+0x2e0/0x2e0 [ 81.786702] ? __might_fault+0xf1/0x1b0 [ 81.790754] ? __fget_light+0x179/0x1f0 [ 81.794750] ? lock_acquire+0x194/0x410 [ 81.798816] ? __fdget+0xe/0x10 [ 81.802173] __sys_sendmsg+0xd9/0x180 [ 81.805953] ? __sys_sendmsg_sock+0xb0/0xb0 [ 81.810261] ? __kasan_check_read+0x11/0x20 [ 81.814597] ? _copy_to_user+0xcb/0xf0 [ 81.818562] ? put_timespec64+0xa9/0x100 [ 81.822636] ? nsecs_to_jiffies+0x20/0x20 [ 81.826796] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.832158] __x64_sys_sendmsg+0x73/0xb0 [ 81.836337] do_syscall_64+0xd6/0x550 [ 81.840121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.845387] RIP: 0033:0x4577c9 [ 81.848670] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.868647] RSP: 002b:00007ff85061fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.876351] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004577c9 [ 81.883939] RDX: 0000000000000080 RSI: 0000000020001e40 RDI: 0000000000000004 [ 81.892382] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 81.899637] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff8506206d4 [ 81.907254] R13: 00000000004c42db R14: 00000000004d7220 R15: 00000000ffffffff [ 81.917538] Enabled bearer , priority 10 [ 81.933300] Enabling of bearer rejected, already enabled [ 81.945558] Enabling of bearer rejected, already enabled [ 81.955735] Enabling of bearer rejected, already enabled [ 81.964099] Enabling of bearer rejected, already enabled [ 82.078628] Started in network mode [ 82.083976] Own node identity ac14142, cluster identity 4711 [ 82.097509] New replicast peer: 0.0.0.0 [ 82.101574] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor2/7540 [ 82.110517] caller is dst_cache_get+0x33/0xa0 [ 82.115008] CPU: 1 PID: 7540 Comm: syz-executor2 Not tainted 5.3.0-rc4+ #1 [ 82.122013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.131355] Call Trace: [ 82.133928] dump_stack+0x113/0x167 [ 82.137548] debug_smp_processor_id.cold.2+0x84/0x97 [ 82.142652] dst_cache_get+0x33/0xa0 [ 82.146438] tipc_udp_xmit.isra.15+0xb9/0xc60 [ 82.150934] ? tipc_udp_addr2str+0x150/0x150 [ 82.155360] ? __copy_skb_header+0x293/0x4b0 [ 82.159750] ? __skb_checksum_complete+0x380/0x380 [ 82.164660] ? netdev_alloc_frag+0x160/0x160 [ 82.169151] ? match_held_lock+0x500/0x5b0 [ 82.173368] ? skb_copy_header+0x16/0x2a0 [ 82.177594] ? __pskb_copy_fclone+0x4a9/0xc70 [ 82.182074] tipc_udp_send_msg+0x229/0x3d0 [ 82.186311] tipc_bearer_xmit_skb+0x12c/0x290 [ 82.190913] tipc_enable_bearer+0x7a6/0xab0 [ 82.195217] ? tipc_bearer_xmit_skb+0x290/0x290 [ 82.199886] ? __nla_validate_parse+0xa1/0x1d90 [ 82.204561] ? nla_memcpy+0xa0/0xa0 [ 82.208263] __tipc_nl_bearer_enable+0x265/0x390 [ 82.212998] ? __tipc_nl_bearer_enable+0x265/0x390 [ 82.217909] ? tipc_nl_bearer_disable+0x30/0x30 [ 82.222591] ? __nla_validate_parse+0xa1/0x1d90 [ 82.227377] tipc_nl_bearer_enable+0x1d/0x30 [ 82.231787] genl_family_rcv_msg+0x5d5/0x1160 [ 82.236459] ? genl_unregister_family+0x6d0/0x6d0 [ 82.241306] ? __kasan_check_read+0x11/0x20 [ 82.245637] ? __lock_acquire+0x96a/0x4b70 [ 82.249869] genl_rcv_msg+0xa7/0x140 [ 82.253563] netlink_rcv_skb+0x13f/0x380 [ 82.257604] ? genl_family_rcv_msg+0x1160/0x1160 [ 82.262381] ? netlink_ack+0x990/0x990 [ 82.266255] ? netlink_deliver_tap+0x182/0xad0 [ 82.270823] ? __kasan_check_read+0x11/0x20 [ 82.275146] genl_rcv+0x23/0x40 [ 82.278411] netlink_unicast+0x444/0x640 [ 82.282558] ? netlink_attachskb+0x6f0/0x6f0 [ 82.286948] ? _copy_from_iter_full+0x19e/0x7e0 [ 82.291595] ? __kasan_check_read+0x11/0x20 [ 82.295906] ? __check_object_size+0x203/0x2ea [ 82.300468] netlink_sendmsg+0x75d/0xc40 [ 82.304509] ? netlink_unicast+0x640/0x640 [ 82.308726] ? move_addr_to_kernel.part.20+0xd0/0xd0 [ 82.313822] ? netlink_unicast+0x640/0x640 [ 82.318040] sock_sendmsg+0xe6/0x110 [ 82.321733] ___sys_sendmsg+0x658/0x980 [ 82.325710] ? copy_msghdr_from_user+0x420/0x420 [ 82.330450] ? lock_downgrade+0x900/0x900 [ 82.334582] ? __kasan_check_read+0x11/0x20 [ 82.338883] ? __fget+0x2b1/0x420 [ 82.342367] ? ksys_dup3+0x2e0/0x2e0 [ 82.346060] ? __might_fault+0xf1/0x1b0 [ 82.350050] ? __fget_light+0x179/0x1f0 [ 82.354002] ? lock_acquire+0x194/0x410 [ 82.357954] ? __fdget+0xe/0x10 [ 82.361234] __sys_sendmsg+0xd9/0x180 [ 82.365020] ? __sys_sendmsg_sock+0xb0/0xb0 [ 82.369396] ? __kasan_check_read+0x11/0x20 [ 82.373699] ? _copy_to_user+0xcb/0xf0 [ 82.377600] ? put_timespec64+0xa9/0x100 [ 82.381643] ? nsecs_to_jiffies+0x20/0x20 [ 82.385777] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.391125] __x64_sys_sendmsg+0x73/0xb0 [ 82.395363] do_syscall_64+0xd6/0x550 [ 82.399154] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.404344] RIP: 0033:0x4577c9 [ 82.407516] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.426503] RSP: 002b:00007fbd056ffc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.434198] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004577c9 [ 82.441476] RDX: 0000000000000080 RSI: 0000000020001e40 RDI: 0000000000000003 [ 82.448732] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 82.455986] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbd057006d4 [ 82.463348] R13: 00000000004c42db R14: 00000000004d7220 R15: 00000000ffffffff [ 82.472423] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor2/7540 [ 82.481049] caller is dst_cache_set_ip4+0x97/0x2dc [ 82.486359] CPU: 1 PID: 7540 Comm: syz-executor2 Not tainted 5.3.0-rc4+ #1 [ 82.486379] 32-bit node address hash set to 201414ac [ 82.493831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.493834] Call Trace: [ 82.493846] dump_stack+0x113/0x167 [ 82.493859] debug_smp_processor_id.cold.2+0x84/0x97 [ 82.493868] dst_cache_set_ip4+0x97/0x2dc [ 82.493876] ? dst_cache_get_ip6+0x1b0/0x1b0 [ 82.493884] ? xfrm_lookup_route+0x1f/0x170 [ 82.493896] tipc_udp_xmit.isra.15+0x7c2/0xc60 [ 82.493904] ? tipc_udp_addr2str+0x150/0x150 [ 82.541716] ? __copy_skb_header+0x293/0x4b0 [ 82.546117] ? __skb_checksum_complete+0x380/0x380 [ 82.551038] ? skb_copy_header+0x16/0x2a0 [ 82.555167] ? __pskb_copy_fclone+0x4a9/0xc70 [ 82.559664] tipc_udp_send_msg+0x229/0x3d0 [ 82.563894] tipc_bearer_xmit_skb+0x12c/0x290 [ 82.568380] tipc_enable_bearer+0x7a6/0xab0 [ 82.572684] ? tipc_bearer_xmit_skb+0x290/0x290 [ 82.577344] ? __nla_validate_parse+0xa1/0x1d90 [ 82.581994] ? nla_memcpy+0xa0/0xa0 [ 82.585607] __tipc_nl_bearer_enable+0x265/0x390 [ 82.590443] ? __tipc_nl_bearer_enable+0x265/0x390 [ 82.595365] ? tipc_nl_bearer_disable+0x30/0x30 [ 82.600013] ? __nla_validate_parse+0xa1/0x1d90 [ 82.604671] tipc_nl_bearer_enable+0x1d/0x30 [ 82.609079] genl_family_rcv_msg+0x5d5/0x1160 [ 82.613568] ? genl_unregister_family+0x6d0/0x6d0 [ 82.618400] ? __kasan_check_read+0x11/0x20 [ 82.622717] ? __lock_acquire+0x96a/0x4b70 [ 82.627059] genl_rcv_msg+0xa7/0x140 [ 82.630768] netlink_rcv_skb+0x13f/0x380 [ 82.634822] ? genl_family_rcv_msg+0x1160/0x1160 [ 82.640261] ? netlink_ack+0x990/0x990 [ 82.644152] ? netlink_deliver_tap+0x182/0xad0 [ 82.648716] ? __kasan_check_read+0x11/0x20 [ 82.653019] genl_rcv+0x23/0x40 [ 82.656321] netlink_unicast+0x444/0x640 [ 82.660382] ? netlink_attachskb+0x6f0/0x6f0 [ 82.664792] ? _copy_from_iter_full+0x19e/0x7e0 [ 82.669453] ? __kasan_check_read+0x11/0x20 [ 82.673773] ? __check_object_size+0x203/0x2ea [ 82.678349] netlink_sendmsg+0x75d/0xc40 [ 82.682406] ? netlink_unicast+0x640/0x640 [ 82.686625] ? move_addr_to_kernel.part.20+0xd0/0xd0 [ 82.691715] ? netlink_unicast+0x640/0x640 [ 82.695940] sock_sendmsg+0xe6/0x110 [ 82.699637] ___sys_sendmsg+0x658/0x980 [ 82.703605] ? copy_msghdr_from_user+0x420/0x420 [ 82.708351] ? lock_downgrade+0x900/0x900 [ 82.712490] ? __kasan_check_read+0x11/0x20 [ 82.716797] ? __fget+0x2b1/0x420 [ 82.720236] ? ksys_dup3+0x2e0/0x2e0 [ 82.723936] ? __might_fault+0xf1/0x1b0 [ 82.727901] ? __fget_light+0x179/0x1f0 [ 82.732054] ? lock_acquire+0x194/0x410 [ 82.736178] ? __fdget+0xe/0x10 [ 82.739449] __sys_sendmsg+0xd9/0x180 [ 82.743229] ? __sys_sendmsg_sock+0xb0/0xb0 [ 82.747536] ? __kasan_check_read+0x11/0x20 [ 82.751860] ? _copy_to_user+0xcb/0xf0 [ 82.755760] ? put_timespec64+0xa9/0x100 [ 82.759827] ? nsecs_to_jiffies+0x20/0x20 [ 82.763966] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.769322] __x64_sys_sendmsg+0x73/0xb0 [ 82.773379] do_syscall_64+0xd6/0x550 [ 82.777168] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.782339] RIP: 0033:0x4577c9 [ 82.785511] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.804647] RSP: 002b:00007fbd056ffc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.812367] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004577c9 [ 82.819746] RDX: 0000000000000080 RSI: 0000000020001e40 RDI: 0000000000000003 [ 82.827090] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 82.834349] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbd057006d4 [ 82.841602] R13: 00000000004c42db R14: 00000000004d7220 R15: 00000000ffffffff [ 82.849130] ------------[ cut here ]------------ [ 82.850455] Enabled bearer , priority 10 [ 82.854206] WARNING: CPU: 1 PID: 16 at include/net/dst.h:228 dst_hold.part.1+0x10/0x14 [ 82.867212] Kernel panic - not syncing: panic_on_warn set ... [ 82.873112] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.3.0-rc4+ #1 [ 82.876170] kobject: 'loop4' (00000000df363a5e): kobject_uevent_env [ 82.879773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.879777] Call Trace: [ 82.879788] dump_stack+0x113/0x167 [ 82.879799] ? dst_hold.part.1+0x10/0x14 [ 82.879806] panic+0x223/0x4ee [ 82.879812] ? add_taint.cold.7+0x11/0x11 [ 82.879824] __warn.cold.10+0x1b/0x45 [ 82.879829] ? dst_hold.part.1+0x10/0x14 [ 82.879833] report_bug+0x1a4/0x200 [ 82.879841] do_error_trap+0x11b/0x200 [ 82.887956] Enabling of bearer rejected, already enabled [ 82.896170] do_invalid_op+0x36/0x40 [ 82.896177] ? dst_hold.part.1+0x10/0x14 [ 82.896187] invalid_op+0x23/0x30 [ 82.896193] RIP: 0010:dst_hold.part.1+0x10/0x14 [ 82.896199] Code: 7a 26 4f fc e9 1f fe ff ff 48 8b bd 60 ff ff ff e8 09 27 4f fc e9 1a ff ff ff 55 48 c7 c7 e0 0a 99 87 48 89 e5 e8 83 ea 08 fc <0f> 0b 5d c3 48 8d 7e 30 55 48 b8 00 00 00 00 00 fc ff df 48 89 fa [ 82.896202] RSP: 0018:ffff8881da327788 EFLAGS: 00010282 [ 82.896208] RAX: 0000000000000024 RBX: 1ffff1103b464ef7 RCX: 0000000000000000 [ 82.896210] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff89d43080 [ 82.896214] RBP: ffff8881da327788 R08: ffffed103b6260d1 R09: ffffed103b6260d1 [ 82.896217] R10: ffffed103b6260d0 R11: ffff8881db130687 R12: ffff8881da327818 [ 82.896220] R13: ffff8881bcc90840 R14: ffffe8ffffdcf9a8 R15: ffff8881bcc90800 [ 82.896234] ? dst_hold.part.1+0x10/0x14 [ 82.904868] kobject: 'loop4' (00000000df363a5e): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 82.907085] dst_cache_per_cpu_get.isra.3+0x20d/0x420 [ 82.907094] ? dst_cache_set_ip6+0x620/0x620 [ 82.907103] ? rcu_read_lock_sched_held+0x108/0x120 [ 82.907109] ? kmem_cache_alloc_node_trace+0x39d/0x770 [ 82.907114] ? kasan_unpoison_shadow+0x35/0x50 [ 82.907121] dst_cache_get+0x69/0xa0 [ 82.907130] tipc_udp_xmit.isra.15+0xb9/0xc60 [ 82.907138] ? tipc_udp_addr2str+0x150/0x150 [ 82.907143] ? __copy_skb_header+0x293/0x4b0 [ 82.907150] ? __skb_checksum_complete+0x380/0x380 [ 83.105991] ? netdev_alloc_frag+0x160/0x160 [ 83.110380] ? match_held_lock+0x500/0x5b0 [ 83.114597] ? skb_copy_header+0x16/0x2a0 [ 83.118723] ? __pskb_copy_fclone+0x4a9/0xc70 [ 83.123201] tipc_udp_send_msg+0x229/0x3d0 [ 83.127419] tipc_bearer_xmit_skb+0x12c/0x290 [ 83.131903] tipc_disc_timeout+0x729/0xae0 [ 83.136118] ? __kasan_check_write+0x14/0x20 [ 83.140519] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 83.145708] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 83.150881] call_timer_fn+0x16c/0x580 [ 83.154836] ? debug_object_deactivate+0x2c4/0x3a0 [ 83.159918] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 83.165087] ? msleep_interruptible+0xf0/0xf0 [ 83.169562] ? _raw_spin_unlock_irq+0x27/0x80 [ 83.174036] ? trace_hardirqs_on+0x28/0x1b0 [ 83.178336] ? __kasan_check_read+0x11/0x20 [ 83.185192] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 83.190362] run_timer_softirq+0xd8b/0x13c0 [ 83.194667] ? _raw_spin_unlock_irq+0x27/0x80 [ 83.199452] ? add_timer+0x730/0x730 [ 83.203146] ? kvm_clock_read+0x18/0x30 [ 83.207113] ? kvm_sched_clock_read+0x9/0x20 [ 83.211607] ? sched_clock+0x31/0x40 [ 83.215299] ? __do_softirq+0x1f9/0x9b4 [ 83.219262] __do_softirq+0x268/0x9b4 [ 83.223047] ? takeover_tasklets+0x820/0x820 [ 83.227441] run_ksoftirqd+0x94/0x100 [ 83.231218] smpboot_thread_fn+0x56b/0x8c0 [ 83.235434] ? __kasan_check_read+0x11/0x20 [ 83.239732] ? smpboot_unregister_percpu_thread+0x180/0x180 [ 83.245422] ? __kasan_check_read+0x11/0x20 [ 83.249721] ? __kthread_parkme+0xc8/0x1a0 [ 83.253934] ? __kasan_check_read+0x11/0x20 [ 83.258256] kthread+0x334/0x3f0 [ 83.261602] ? smpboot_unregister_percpu_thread+0x180/0x180 [ 83.267289] ? kthread_cancel_delayed_work_sync+0x10/0x10 [ 83.272804] ret_from_fork+0x3a/0x50 [ 83.278105] Kernel Offset: disabled [ 83.281797] Rebooting in 86400 seconds..